Use custom_url_rewrite_inbound()

subscribing

I had the same problem, and sorted out by adding custom_url_rewrite_inbound() to settings.php.

This method is better than Apache rewrite rules, as it let you prevent access to node pages depending on user authentication status, or any other condition you may want.

You will also get a nice 404 error in drupal reports page every time someone tries to access a node directly and the message will include which was the original page entered (as notfound_node/11)

The reason why I let the admin user to access node/x pages, is that he's the one that will edit pages, and for that task he needs to access node/xx/edit.

My settings.php file has the following function:

function custom_url_rewrite_inbound(&$result, $path, $path_language)
{
  global $user;

  // I do not filter url for the admin user
  if($user->uid == 1)
  {
    /* $result=$path; */ Just found out that this creates problems with URL aliases.
    return;
  }

  // I don't want people accessing pages through HOST/node/number
  if (preg_match('|^node/(.*)$|', $path, $matches))
  {
    $result='notfound_node/'.$matches[1];
    return;
  }

  // Prevent accessing main node page (HOST/node and HOST/node/)
  if (preg_match('|^node/?$|', $path))
  {
    $result='notfound_node';
    return;
  }
}

I'm not a Drupal expert but I think this works well. Hope it helps.

Good module:
https://www.drupal.org/project/access_filter
allows deny from node/n with a +B:Blind key that means will let through aliases